0f16f7ed6c32b0d575213dce794c5335_JaffaCakes118 | Triage

Sharing

General

Target

0f16f7ed6c32b0d575213dce794c5335_JaffaCakes118
Size

149KB
MD5

0f16f7ed6c32b0d575213dce794c5335
SHA1

1dbc5909105088e7e9b9d43903fb050659a4c238
SHA256

d91ae8e559803d819bc2efcf796e069dd6384e6c855fe7bc81efdf7af3b2e05b
SHA512

a9593d2cc2ed3e34186d6de059ed78932529f8bcf3f6caf6da049cd4290ca1619302904bad37796e316436442f6773f96c1282634ef9c6b8c699cdd53e5be1f7
SSDEEP

3072:UFeYvVVw6yE32L9Wr7BkazMfJWGgnDZvL5IMPKFaq7VeWNMCAub:UFjvVVlD6K7qaIRWGgnDQMCF00MMb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f16f7ed6c32b0d575213dce794c5335_JaffaCakes118

Files

0f16f7ed6c32b0d575213dce794c5335_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4549bccf290e3bd1fd0727ea7cf08831

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegQueryValueExA
RegLoadKeyW
RegQueryValueW
RegCreateKeyExA
RegFlushKey
RegGetKeySecurity
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyA
RegOpenKeyW
RegOpenKeyExW
RegQueryInfoKeyA
RegEnumKeyW
RegEnumKeyA
RegOpenKeyA
RegDeleteValueW
RegReplaceKeyA
RegDeleteValueA
RegOpenKeyExA
RegEnumValueW
RegCreateKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegQueryValueA
RegReplaceKeyW
RegLoadKeyA
RegEnumKeyExA

kernel32

GetStdHandle
FlushFileBuffers
GetPriorityClass
GetLastError
DeleteFileW
CopyFileA
DeleteFileA
ExitThread
GetLocalTime
AddAtomW
WriteFile
CreateDirectoryA
FreeResource
ReadFile
GetCPInfo
GlobalFree
CopyFileExA
DeleteAtom
OpenFile
GetFileType
GetCommandLineA
FindAtomW
FatalExit
GetFileTime

Sections

.a54c
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c0h1h
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g900g
Size: 104KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g577
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ